Diffstat (limited to 'man/taler.conf.5')
-rw-r--r-- man/taler.conf.5 199
1 files changed, 185 insertions, 14 deletions
diff --git a/man/taler.conf.5 b/man/taler.conf.5
index 3ca1d3c4..6ae7dd4d 100644
--- a/man/taler.conf.5
+++ b/man/taler.conf.5
@@ -27,7 +27,7 @@ level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
..
-.TH "TALER.CONF" "5" "Mar 07, 2024" "0.9" "GNU Taler"
+.TH "TALER.CONF" "5" "May 15, 2024" "0.10" "GNU Taler"
.SH NAME
taler.conf \- Taler configuration file
.SH DESCRIPTION
@@ -79,8 +79,6 @@ from \fI\%GNU autoconf\fP\&. The
values are usually dependent on an \fBINSTALL_PREFIX\fP which is determined by
the \fB\-\-prefix\fP option given to configure. The canonical values are:
.INDENT 0.0
-.INDENT 3.5
-.INDENT 0.0
.IP \(bu 2
LIBEXECDIR = $INSTALL_PREFIX/taler/libexec/
.IP \(bu 2
@@ -98,8 +96,6 @@ LIBDIR = $INSTALL_PREFIX/lib/taler/
.IP \(bu 2
DATADIR = $INSTALL_PREFIX/share/taler/
.UNINDENT
-.UNINDENT
-.UNINDENT
.sp
Note that on some platforms, the given paths may differ depending
on how the system was compiled or installed, the above are just the
@@ -346,21 +342,31 @@ Works the same as \fBTERMS_ETAG\fP, just for the privacy policy.
.UNINDENT
.SS EXCHANGE KYC PROVIDER OPTIONS
.sp
-The following options must be in the section \(dq[kyc\-provider\-XXX]\(dq sections.
+The following options must be in the section \(dq[kyc\-provider\-$PROVIDER_NAME]\(dq sections.
.INDENT 0.0
.TP
-.B COST
-Relative cost of the KYC provider, non\-negative number.
-.TP
.B LOGIC
API type of the KYC provider.
.TP
-.B USER_TYPE
-Type of user this provider is for, either INDIVIDUAL or BUSINESS.
+.B CONVERTER
+Name of a program to run on the output of the plugin
+to convert the result into the desired set of attributes.
+The converter must create a log for the system administrator
+if the provided inputs do not match expectations.
+Note that the converter will be expected to output the
+set of attributes listed under the respective \fB[kyc\-check\-*]\fP
+sections. Calling the converter with \fB\-\-list\-outputs\fP
+should generate a (newline\-separated) list of attributes
+the converter promises to generate in its JSON output
+(when run regularly).
.TP
-.B PROVIDED_CHECKS
-List of checks performed by this provider. Space\-separated names of checks, must match check names in legitimization rules.
+.B COST
+Optional cost, useful if clients want to voluntarily
+trigger authentication procedures for attestation.
.UNINDENT
+.sp
+Additional logic\-specific options may be given in the
+section.
.SS EXCHANGE KYC OAUTH2 OPTIONS
.sp
The following options must be in the section \(dq[kyc\-provider\-XXX]\(dq sections with \(dqLOGIC = oauth2\(dq.
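Review bot: CONVERTER names a program that the exchange runs on the KYC plugin's output, but the entry does not say how the name is resolved (absolute path or a PATH lookup), how the plugin output reaches the program, or how a mismatch is signalled to the exchange beyond "must create a log for the system administrator". Since this is an executable invoked on data coming from an external provider, please spell those three things out. The new COST text drops the old "non\-negative number" constraint without giving a type or unit, so readers cannot tell what value is valid. The header now uses $PROVIDER_NAME, while the OAuth2 section right below still says "[kyc\-provider\-XXX]"; update that placeholder too, and while here fix the doubled wording "in the section ... sections". USER_TYPE and PROVIDED_CHECKS are removed with no hint of what replaces them; a short pointer to the kyc\-check sections would help people migrating an existing configuration.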
@@ -447,6 +453,171 @@ The following option must be in the section \(dq[kyclogic\-persona]\(dq.
.B WEBHOOK_AUTH_TOKEN
Authentication token Persona must supply to our webhook. This is an optional setting.
.UNINDENT
+.SS EXCHANGE KYC CHECK OPTIONS
+.sp
+The following options must be in \(dq[kyc\-check\-$CHECK_NAME]\(dq sections.
+.INDENT 0.0
+.TP
+.B TYPE
+Which type of check is this? Also determines
+the SPA form to show to the user for this check.
+.INDENT 7.0
+.IP \(bu 2
+INFO: wait for staff or contact staff out\-of band
+(only information shown, no SPA action)
+.IP \(bu 2
+FORM: SPA should show an inline (HTML) form
+.IP \(bu 2
+LINK: SPA may start external KYC process or upload
+.UNINDENT
+.TP
+.B VOLUNTARY
+Optional. Set to YES to allow this check be
+done voluntarily by a client (they may then
+still have to pay for it). Used to offer the
+SPA to display checks even if they are
+not required. Default is NO.
+.TP
+.B PROVIDER_ID
+Provider id, present only if type is LINK.
+Refers to a \fBkyc\-provider\-$PROVIDER_ID\fP section.
+.TP
+.B FORM_NAME
+Name of the SPA form, if type is FORM
+\(dqINFO\(dq and \(dqLINK\(dq are reserved and must not be used.
+The exchange server and the SPA must agree on a list
+of supported forms and the resulting attributes.
+The SPA should include a JSON resource file
+\(dqforms.json\(dq mapping form names to arrays of
+attribute names each form provides.
+The list of possible FORM names is fixed in the SPA
+for a particular exchange release.
+.TP
+.B DESCRIPTION
+Descriptions to use in the SPA to display the check.
+.TP
+.B DESCRIPTION_I18N
+JSON with internationalized descriptions to use
+in the SPA to display the check.
+.TP
+.B REQUIRES
+\(aq;\(aq\-separated list of fields that the CONTEXT must
+provide as inputs to this check. For example,
+for a FORM of type CHOICE, this might state
+\fBchoices: string[];\fP\&. The type after the \(dq:\(dq
+is for now purely for documentation and is
+not checked. However, it may be shown to AML staff
+when they configure measures.
+.TP
+.B OUTPUTS = business_name street city country registration
+Description of the outputs provided by the check.
+Basically, the check\(aqs output is expected to
+provide the following fields as attribute inputs into
+a subsequent AML program.
+Only given for type FORM; INFO never has any outputs,
+and for type LINK we can obtain the same information
+from the CONVERTER via \fB\-\-list\-outputs\fP\&.
+.TP
+.B FALLBACK
+Name of an \fBoriginal\fP measure to take if the check fails
+(for any reason, e.g. provider or form fail to
+satisfy constraints or provider signals user error)
+Usually should point to a measure that requests
+AML staff to investigate. The fallback measure
+context always includes the reasons for the
+failure.
+.UNINDENT
+.SS EXCHANGE KYC RULES
+.sp
+The following options must be in \(dq[kyc\-rule\-$RULE_NAME]\(dq sections.
+.INDENT 0.0
+.TP
+.B OPERATION_TYPE = WITHDRAW
+Operation that triggers this rule.
+Must be one of WITHDRAW, DEPOSIT, P2P\-RECEIVE
+or WALLET\-BALANCE.
+.TP
+.B NEXT_MEASURES
+Space\-separated list of next measures to be performed.
+The SPA should display \fIall\fP of these measures to the user.
+(They have a choice of either which ones, or in
+which order they are to be performed.)
+A special measure name \(dqverboten\(dq is used if the
+specified threshold may never be crossed
+(under this set of rules).
+.TP
+.B IS_AND_COMBINATOR
+\(dqYES\(dq if all NEXT_MEASURES will eventually need
+to be satisfied, \(dqNO\(dq the user has a choice between
+them. Not actually enforced by the exchange, but
+primarily used to inform the user whether this is
+an \(dqand\(dq or \(dqor\(dq. YES for \(dqand\(dq.
+.TP
+.B EXPOSED
+YES if the rule (specifically, operation type,
+threshold, timeframe) and the general nature of
+the next measure (verboten or approval required)
+should be exposed to the client.
+Defaults to NO if not set.
+.TP
+.B THRESHOLD
+Threshold amount above which the rule is
+triggered. The total must be exceeded in the given
+timeframe.
+.TP
+.B TIMEFRAME
+Timeframe over which the amount to be compared to
+the THRESHOLD is calculated (for example, \(dq30 days\(dq).
+Ignored for WALLET\-BALANCE. Can be \(aqforever\(aq.
+.TP
+.B ENABLED = NO
+Set to YES to enable the rule (default is NO).
+.UNINDENT
+.SS EXCHANGE AML PROGRAMS
+.sp
+The following options must be in \(dq[aml\-program\-$PROG_NAME]\(dq sections.
+.INDENT 0.0
+.TP
+.B COMMAND
+Name of the program to run. Must match a binary
+on the local machine where the exchange is running.
+.TP
+.B DESCRIPTION
+Human\-readable description of what this
+AML helper program will do. Used to show
+to the AML staff.
+.TP
+.B ENABLED
+True if this AML program is enabled (and thus can be
+used in measures and exposed to AML staff).
+Optional, default is NO.
+.TP
+.B FALLBACK
+Name of an \fBoriginal\fP measure to take if COMMAND fails
+Usually points to a measure that asks AML staff
+to contact the systems administrator. The fallback measure
+context always includes the reasons for the
+failure.
+.UNINDENT
+.SS EXCHANGE KYC MEASURES
+.sp
+The following options must be in \(dq[kyc\-measure\-$MEASURE_NAME]\(dq sections. These sections define the \fBoriginal\fP measures.
+.INDENT 0.0
+.TP
+.B CHECK_NAME
+Name of a possible check for this measure. Optional.
+If not given, PROGRAM should be run immediately
+(on an empty set of attributes).
+.TP
+.B CONTEXT = {\(dqchoices\(dq:[\(dqindividual\(dq,\(dqbusiness\(dq]}
+Context for the check. The context can be
+just an empty JSON object if there is none.
+.TP
+.B PROGRAM
+Program to run on the context and check data to
+determine the outcome and next measure.
+Refers to a \fB[aml\-program\-$PROG_NAME]\fP section name.
+.UNINDENT
.SS EXCHANGE EXTENSIONS OPTIONS
.sp
The functionality of the exchange can be extended by extensions. Those are
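Review bot: COMMAND under EXCHANGE AML PROGRAMS says only "Must match a binary on the local machine", which leaves open whether the exchange does a PATH lookup or requires an absolute path, and what input the program receives; for a program the exchange executes as part of AML decisions, that should be stated explicitly. Several smaller points in the same hunk: PROVIDER_ID refers to "kyc\-provider\-$PROVIDER_ID" while the provider section header uses $PROVIDER_NAME, so pick one placeholder. REQUIRES mentions "a FORM of type CHOICE", but TYPE only defines INFO, FORM and LINK, so CHOICE is presumably a form name and should be described as such. The tags ".B OUTPUTS = business_name street city country registration", ".B OPERATION_TYPE = WITHDRAW", ".B ENABLED = NO" and ".B CONTEXT = {...}" embed example values in the option name, unlike every other entry; move the examples into the description. ENABLED for AML programs says "True if" while the default is given as NO; use YES/NO consistently. "verboten" is a special measure name in NEXT_MEASURES, so the KYC MEASURES section should say that name is reserved. IS_AND_COMBINATOR is "Not actually enforced by the exchange"; say what does enforce the combination, or readers will assume nothing does. Minor: missing full stops after "if type is FORM", after "provider signals user error)" and after "if COMMAND fails"; "allow this check be done" should be "allow this check to be done"; "out\-of band" should be "out\-of\-band".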
@@ -935,6 +1106,6 @@ mail to <\fI\%taler@gnu.org\fP>.
.SH AUTHOR
GNU Taler contributors
.SH COPYRIGHT
-2014-2022 Taler Systems SA (GPLv3+ or GFDL 1.3+)
+2014-2024 Taler Systems SA (GPLv3+ or GFDL 1.3+)
.\" Generated by docutils manpage writer.
.